Create Databricks IAM policy in AWS

Learn how to create an Identity and Access Management (IAM) policy in your AWS account for Databricks.

Create an IAM policy that gives Databricks the assume-role permission for the Staging and Target buckets. For more information, see the topic Policies and permissions in IAM.
To create a policy:
  1. Log in to the AWS Management Console.
  2. In the search field, search for iam.
  3. In the drop-down list of items, hover over IAM and select Policies.
  4. In the Policies page, select Create Policy.
  5. In the Create policy page, provide the permissions for the policy.
    1. Service: Select the STS service.
    2. Actions: In the Write access level, select AssumeRole.
    3. Resources: Select Add ARN and add the buckets' account ID and role name from Create buckets IAM role with an external ID in AWS.
    4. Select Add.
  6. Select Next: Tags.
  7. Select Next: Review.
  8. In the Review Policy page, provide the policy details.
    1. Name: Enter a policy name. For example: pm-doc-assume.
    2. Description: Enter a description for the policy.
  9. Select Create Policy. For more information, see the topic Creating IAM policies.

The resulting policy, in JSON:
{
	"Version": "2012-10-17",
	"Statement": [
		{
			"Effect": "Allow",
			"Action": [
				"sts:AssumeRole"
			],
			"Resource": [
				"arn:aws:iam::BUCKET_AWS_ACCOUNT_ID:role/rolename"
			]
		}
	]
}
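
A pre-deployment check for the policy JSON above, as an added example that is not part of the original page or of any Databricks or AWS tooling: it confirms the document grants only sts:AssumeRole on one concrete role ARN, and it flags a template placeholder such as BUCKET_AWS_ACCOUNT_ID that was left unfilled. The function name lint_assume_role_policy and the account ID 111122223333 are assumptions made for the example.

```python
import json
import re

# Role ARN with a concrete 12-digit account ID and a wildcard-free role path/name.
ROLE_ARN = re.compile(r"^arn:aws:iam::\d{12}:role/[\w+=,.@/-]+$")

def as_list(value):
    """IAM accepts either a single string or a list for Action and Resource."""
    return [value] if isinstance(value, str) else list(value)

def lint_assume_role_policy(policy_json):
    """Return a list of findings; an empty list means the policy is tightly scoped."""
    findings = []
    policy = json.loads(policy_json)
    if policy.get("Version") != "2012-10-17":
        findings.append("Version should be 2012-10-17")
    statements = policy.get("Statement", [])
    if isinstance(statements, dict):
        statements = [statements]
    for i, stmt in enumerate(statements):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements grant nothing
        if "NotAction" in stmt or "NotResource" in stmt:
            findings.append(f"statement {i}: NotAction/NotResource grants by exclusion")
        for action in as_list(stmt.get("Action", [])):
            if action.lower() != "sts:assumerole":
                findings.append(f"statement {i}: unexpected action {action}")
        for arn in as_list(stmt.get("Resource", [])):
            if not ROLE_ARN.match(arn):
                findings.append(f"statement {i}: resource is not a single role ARN: {arn}")
    return findings

# Constructed samples: 111122223333 is a made-up account ID; rolename is from the page.
GOOD = '''{"Version": "2012-10-17", "Statement": [{"Effect": "Allow",
  "Action": ["sts:AssumeRole"],
  "Resource": ["arn:aws:iam::111122223333:role/rolename"]}]}'''
TEMPLATE = GOOD.replace("111122223333", "BUCKET_AWS_ACCOUNT_ID")  # placeholder left in
BROAD = GOOD.replace("role/rolename", "role/*").replace("sts:AssumeRole", "sts:*")

if __name__ == "__main__":
    for name, doc in (("good", GOOD), ("template", TEMPLATE), ("broad", BROAD)):
        print(name, lint_assume_role_policy(doc) or "OK")
```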